Hello,
> error msg ev version: 0x3 msg_type 0x1 xid 0xb0f9bc99 type 0x4 code 0x9
this message means
ofp_error_type_type = OFPET_BAD_MATCH /* Error in match. */
ofp_bad_match_code = OFPBMC_BAD_PREREQ /* A prerequisite was not met. */
But I can't understand why the message comes out
because OXM_OF_ETH_TYPE's Pre-requisite is "None"
and OXM_OF_IPV4_DST's Pre-requisite is "ETH TYPE=0x0800(IPv4)"
(*Quotation from OpenFlowV1.2 spec)
In case of FlowMod operation (when setRule RESTcommand is sent),
what is outputted on the trace log of LINC ?
This is a normal FlowMod operation log on OpenVswitch.
-------------------------------------
ovs-vswitchd: 01928|vconn|DBG|tcp:127.0.0.1:6633: received: OFPT_FLOW_MOD
(xid=0xc1b7f697): ADD priority=0,ip,nw_dst=10.100.5.0/24 cookie:0x1 actions=drop
-------------------------------------
and Flows.
-------------------------------------
cookie=0x2, duration=22.821s, table=0, n_packets=0, n_bytes=0,
priority=0,ip,nw_dst=10.100.5.0/24 actions=drop
-------------------------------------
thanks.
(2013年04月16日 01:20), Shivaram Mysore wrote:
> Hello,
>
> Looks to me there is a error in processing rule_id 2. Is the syntax correct?
>
> Thanks
>
> /Shivaram
>
>
> Here is the *_output on cURL side_*:
>
> # curl -X POST -d '{"dl_src": "12:34:56:78:9a:bc", "actions": "DENY"}'
> http://localhost:8080/firewall/rules/0090fb3771ee0000
> {"switch_id: 0090fb3771ee0000": {"result": "success", "details": "Rule added.
> : rule_id=1"}}
>
>
> # curl -X POST -d '{"dl_type": "IPv4", "nw_dst": "10.100.5.0/24
> <http://10.100.5.0/24>", "actions": "DENY"}'
> http://localhost:8080/firewall/rules/0090fb3771ee0000
> *{"switch_id: 0090fb3771ee0000": {"result": "success", "details": "Rule
> added. : rule_id=2"}}*
>
>
> # curl -X POST -d '{"dl_type": "IPv4", "nw_proto": "TCP", "actions": "DENY"}'
> http://localhost:8080/firewall/rules/0090fb3771ee0000
> {"switch_id: 0090fb3771ee0000": {"result": "success", "details": "Rule added.
> : rule_id=3"}}
>
> # curl -i -H "Accept: application/json" -X GET
> http://localhost:8080/firewall/rules/0090fb3771ee0000
> HTTP/1.1 200 OK
> Content-Type: application/json; charset=UTF-8
> Content-Length: 202
> Date: Tue, 16 Apr 2013 07:09:49 GMT
>
> {"switch_id: 0090fb3771ee0000": {*"rule_id: 3*": {"priority": 0, "dl_type":
> "IPv4", "nw_proto": "TCP", "actions": "DENY"}, *"rule_id: 1"*: {"priority":
> 0, "dl_src": "12:34:56:78:9a:bc", "actions": "DENY"}}}
> *_Note_: missing "rule_id: 2"*
>
>
> *_On the Ryu Controller:_*
>
> Registering dpid=40808612199530496
> dpid=0090fb3771ee0000 : Join as firewall switch.
> EVENT ofp_event->RestFirewallAPI EventOFPStatsReply
> Entering Stats reply handler dpid=40808612199530496
> 127.0.0.1 - - [2013-04-16 00:08:06] "GET /firewall/module/status HTTP/1.1"
> 200 177 0.003101
> 127.0.0.1 - - [2013-04-16 00:08:27] "PUT /firewall/module/enable/all
> HTTP/1.1" 200 209 0.000357
> 127.0.0.1 - - [2013-04-16 00:09:02] "POST /firewall/rules/0090fb3771ee0000
> HTTP/1.1" 200 215 0.000532
> 127.0.0.1 - - [2013-04-16 00:09:14] "POST /firewall/rules/0090fb3771ee0000
> HTTP/1.1" 200 215 0.000496
> error msg ev version: 0x3 msg_type 0x1 xid 0xb0f9bc99 type 0x4 code 0x9
> 127.0.0.1 - - [2013-04-16 00:09:32] "POST /firewall/rules/0090fb3771ee0000
> HTTP/1.1" 200 215 0.000493
> EVENT ofp_event->RestFirewallAPI EventOFPStatsReply
> Entering Stats reply handler dpid=40808612199530496
> 127.0.0.1 - - [2013-04-16 00:09:49] "GET /firewall/rules/0090fb3771ee0000
> HTTP/1.1" 200 326 0.001302
>
>
> *On the LINC Side* - after making 3 flow entries, only 2 are registered.:
> (linc@linux-ksrb)1> linc_us3_flow:get_flow_table(0,0).
> {flow_entry,{0,#Ref<0.0.0.798>},
> 0,
> {ofp_match,[{ofp_field,openflow_basic,eth_type,false,
> <<8,0>>,
> undefined},
>
> {ofp_field,openflow_basic,ip_proto,false,<<6>>,undefined}]},
> <<0,0,0,0,0,0,0,3>>,
> [],
> {1366,96172,84508},
> {infinity,0,0},
> {infinity,0,0},
> []},
> {flow_entry,{0,#Ref<0.0.0.789>},
> 0,
> {ofp_match,[{ofp_field,openflow_basic,eth_src,false,
> <<18,52,86,120,154,188>>,
> undefined}]},
> <<0,0,0,0,0,0,0,1>>,
> [],
> {1366,96142,212872},
> {infinity,0,0},
> {infinity,0,0},
> []}]
> (linc@linux-ksrb)2>
>
>
> *All Rules do get deleted.*
>
> # curl -i -H "Accept: application/json" -X DELETE -d '{"rule_id":"all"}'
> http://localhost:8080/firewall/rules/0090fb3771ee0000
> HTTP/1.1 200 OK
> Content-Type: application/json; charset=UTF-8
> Content-Length: 96
> Date: Tue, 16 Apr 2013 07:18:09 GMT
>
> {"switch_id: 0090fb3771ee0000": {"result": "success", "details": "Rule
> deleted. : ruleID=3,1,"}
>
> _On the Controller side:_
> 127.0.0.1 - - [2013-04-16 00:18:09] "DELETE /firewall/rules/0090fb3771ee0000
> HTTP/1.1" 200 219 0.001526
>
> LINC rules are deleted correctly.
>
>
> Thanks
>
> /Shivaram
>
>
>
> On Sun, Apr 14, 2013 at 6:33 PM, watanabe.fumitaka
> <[email protected] <mailto:[email protected]>> wrote:
>
> Hello Shivaram,
>
> > 1. I could not delete an installed rule
>
> Please send command as follows.
>
> curl -X DELETE -d '{"rule_id":"1"}'
> http://localhost:8080/__firewall/rules/__0000000000000001
> <http://localhost:8080/firewall/rules/0000000000000001>
> curl -X DELETE -d '{"rule_id":"all"}'
> http://localhost:8080/__firewall/rules/__0000000000000001
> <http://localhost:8080/firewall/rules/0000000000000001>
>
>
> > 2. When I try to get all rules installed on the switch, I only get
> the 1st one.
>
> A cause is unclear.
> Is the flows installed on the switch ?
> (flow's cookie value is equal to "rule_id")
>
>
>
> Thanks.
>
>
>
> (2013年04月12日 23:30), Shivaram Mysore wrote:
>
> Hello all,
>
> Please find this document which details how to get REST firewall
> service working with LINC (running in OF 1.2 mode)
>
>
> https://github.com/__FlowForwarding/LINC-Switch/__blob/master/docs/example-REST-__firewall.md
>
> <https://github.com/FlowForwarding/LINC-Switch/blob/master/docs/example-REST-firewall.md>
>
> There are still a couple of open issues with Ryu:
>
> 1. I could not delete an installed rule
> 2. When I try to get all rules installed on the switch, I only get
> the 1st one.
>
>
> Thanks
>
> /Shivaram
>
>
>
> ------------------------------__------------------------------__------------------
> Precog is a next-generation analytics platform capable of advanced
> analytics on semi-structured data. The platform includes APIs for
> building
> apps and a phenomenal toolset for data science. Developers can use
> our toolset for easy data analysis & visualization. Get a free
> account!
> http://www2.precog.com/__precogplatform/__slashdotnewsletter
> <http://www2.precog.com/precogplatform/slashdotnewsletter>
>
>
>
> _________________________________________________
> Ryu-devel mailing list
> [email protected].__net
> <mailto:[email protected]>
> https://lists.sourceforge.net/__lists/listinfo/ryu-devel
> <https://lists.sourceforge.net/lists/listinfo/ryu-devel>
>
>
>
>
>
> --
> Strong Authentication, SOA, Web Services, PKI, Software Architecture, Product
> Strategy and Management Consultants:
> http://www.truststix.com/
> http://CloudSecurityProvider.blogspot.com
> (415) 968-9231 <https://www.google.com/voice?pli=1#phones>
------------------------------------------------------------------------------
Precog is a next-generation analytics platform capable of advanced
analytics on semi-structured data. The platform includes APIs for building
apps and a phenomenal toolset for data science. Developers can use
our toolset for easy data analysis & visualization. Get a free account!
http://www2.precog.com/precogplatform/slashdotnewsletter
_______________________________________________
Ryu-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/ryu-devel
